Find a Question:

Report: DDoS attacks are more and more focused

Jan

28

2016

Security firm Arbor Networks shows in its annual worldwide infrastructure security report that DDoS attacks in the past year up to 500Gbps incurred. Moreover, these attacks often target specific, vulnerable services of a website.

Arbor Networks, the report prepared on the basis of a survey, which it held in October 2015 among 354 respondents include ISPs, hosting companies and mobile carriers. The main part of these service providers is located in the US or EU. The largest DDoS attack, which was reported by an ISP and should be investigated further, was 500Gbps. This was followed in size by attacking 450Gbps, 425Gbps and 337Gbps. In 2014 would be twenty percent of organizations have reported seizures of over 50Gbps, last year would be a quarter of the respondents have reported seizures of more than 100Gpbs.

Darren Antsee, security chief at Arbor Networks, let the BBC know that the size of the attack is not the most remarkable. He indicates that it is remarkable that more small DDoS attacks are aimed at sections of a site that are easier to shut down. Attackers would first analyze a site before they launch an attack. In most cases it would go according to Antsee criminals who show what they are capable. This was also seen in the way the DD4BC group, which Europol recently two members arrested.

The report further shows that most DDoS attacks are aimed at port 80, used for HTTP traffic. Attacks on DNS port 53 and https port 443, respectively, follow in second and third place. In the top ten are also ports for Xbox Live and Minecraft, it would show that attacks occur more frequently in relation to online games. Furthermore, the US number one when it comes to targets, as well as the country of origin. Lastly, seventy percent of the mobile operators have had to deal with DDoS attacks on their customers.

In recent weeks there have been particularly noticeable in Ireland attacks carried out, including on the lottery and on government websites. Late last year found large bouts of short duration instead of the DNS root servers on the Internet. Security researcher Bruce Schneier posted as a comment on his blog in which he voiced the suspicion that someone was the strength of its DDoS attacks to testing.